Inside .NET Smart Card Operating System - 44CON 2012


Published on

Behrang Fouladi presents Inside .NET Smart Card Operating System at 44CON 2012 in London, September 2012.

  • Be the first to comment

  • Be the first to like this

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

Inside .NET Smart Card Operating System - 44CON 2012

  1. 1. Inside .NET Smart Card Operating System 44Con, September 2012 Behrang Fouladi, SensePost
  2. 2. What is a smart card? VS
  3. 3. What is a smart card?
  4. 4. Single Application Smart Cards
  5. 5. Multi-Application Smart Card Card Parking Access ControlCashless PaymentsComputer Access Identification
  6. 6. Did you know?• How many of you have Orange SIM cards?• What applications are running on your SIM card?• Any other apps working silently?
  7. 7. Example: SIM Tracker Applet• Operators goal: sending the MMS/APN settings to the new handset• Can also be used for investigation purposes
  8. 8. In The News…– Oyster card: Crypto-1 encryption algorithm attack, 2004– Cambridge university: EMV relay attack, 2010– Sykipot malware Targeting US DoD smart cards, 2011-2012
  9. 9. In The News…
  10. 10. Why?
  11. 11. Why?• 8 billion smart cards by 2014• The “Internet of Things”• Chip-enabled mobile payments• Hardware backdoors• Malware is everywhere!
  12. 12. Smart Card Firewall
  13. 13. Multi-application Smart Card Platforms .NET card MULTOS JavaCard
  14. 14. .NET Smart Card• First .NET virtual machine on the chip• Native support in Windows 7 and server 2008• Used in: – Smart card based corporate badges (Microsoft employees badge) – Remote Access Control (USA DoD and UK MOD)
  15. 15. .NET smart card overview
  16. 16. .NET smart card security model App Domain BApp Domain C App Domain A RSA Sig(B)RSA Sig(C) RSA Sig(A)
  17. 17. Public Key Token
  18. 18. Code Access Security
  19. 19. Data Access Security
  20. 20. Card application development Deployment & Debugging ?? ?? Communication (APDU) ??
  21. 21. Card application development .NET assembly (1) Compiles program Converter (3) Signed card binary Plug-in (2) Conversion to card binary (4) .NET remoting comm. Comm. Proxy (5) APDU comm. Vendor’s SDK
  22. 22. How secure is .NET card?• Has EAL5+ certified Infenion chip• EAL certification is widely used by smart card industry (EAL3 to EAL7)• .NET card OS is designed to achieve EAL4+• EAL4+ audit: – takes 6 to 9 months, costs high 10sk to low 100sk £ – includes independent penetration testing and source code review in some case• No published vulnerabilities so far
  23. 23. Rev. Engineering For Vuln. Discovery
  24. 24. Smart Card Vuln. research• No Chip OS binary is available• Traditional tools (debuggers, disassemblers) are useless• No publicly available testing tools• Secure chips have sensors, shields, encryption• ON-card bytecode/IL code verifier
  25. 25. “HiveMod” Tool
  26. 26. HiveMod• Vulnerability research tool, for: – .NET card binary (Hive format) visualization – Card Binary manipulation – Card binary Re-signing
  27. 27. .NET Card BinaryCompiler HeaderDigital signature HeaderObject counters HeaderNamespaces reference tableTypes reference tableMethods reference tableFields reference tableBlob definitionsType definitionsMethod definitionsProgram code (IL code)RSA signature
  28. 28. HIVE manipulation/fuzzing
  29. 29. Manipulating Digital Signature Header Compiler Header Digital signature Header offset Field name size 32 SHA1 hash of the full assembly 20 Object counters Header 52 Public key token 8 60 RSA modulus length 4 (len) Namespaces reference table 64 RSA public exponent 4 Types reference table 68 RSA modulus len Methods reference table Fields reference table Blob definitions Type definitions Method definitions Program code (IL code) RSA signature
  30. 30. Manipulating Digital Signature Header PBKT=Reverse(Right(SHA1(RSA_modulus),8))
  31. 31. (Bypassing .NET card app Firewall) Old school attack: Public Key Token Spoofing
  32. 32. Attack DemoLet’s use the HiveMod tool to test this vulnerability!
  33. 33. Manual testing vs. HiveMod• Rev. engineering the SDK: ~2 months• Hex editor for binary patching : Frustrating• Modified card binary needs to be signed• Destroying at least 10 cards: ~200 Euros
  34. 34. Real World Attack? (2) Payment GSM (data)Access control app Employee POS terminal corporate E-Purse app cafeteria (no GSM access) (4) save to card GSM (data)(1) Attacker plants malware in e-purse (3) Access control data exfiltration Attacker’s system
  35. 35. Fiction or Real? Document available on the internet
  36. 36. Vendor’s Response• “An attacker needs administration key to be able to upload his malicious application on the card, This Key is normally securely stored in a HSM or a smart card based controller”.
  37. 37. Vendor’s Response• “Knowledge of the Public Key Token of the targeted application is required”.
  38. 38. Vendor’s Response• “The targeted application must use private file-system storage for its data to be exposed. Therefore, internal (Application Domain) storage is immune to such attack”. byte[] key={0xaf,0x09,0x45,0x12,....};
  39. 39. More Vulnerabilities...• Unauthorized memory read in InitializeArray(): public static void InitializeArray(Array array,RuntimeFieldHandle fldHandle);• Results: Partial memory dump• Destroys the card (no reliable exploitation yet)
  40. 40. More Vulnerabilities...
  41. 41. Conclusions• don’t worry!• check the apps PKTs for tampering.• Use a secure card management system• Smart card apps can be patched/updated , but not the card’s OS!• Smart cards OS and apps and card management software need pen tests too!
  42. 42. Closing words• HiveMod Tool would be available to Smart Card vendors and security researchers (contact• I’d like to thank Dr. Kostas Markantonakis for supervising my research
  43. 43. Questions?